package com.yqb.study.aop.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.context.annotation.DependsOn;
import org.springframework.core.Ordered;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import com.yqb.study.aop.AopOrderEnum;
import com.yqb.study.common.exception.GlobalException;
import com.yqb.study.common.session.IRedisSession;
import com.yqb.study.common.session.RedisSessionContextHolder;
import com.yqb.study.common.session.args.RedisSession;
import com.yqb.study.constant.CodeMsgEnum;
import com.yqb.study.constant.key.ICookieKey;
import com.yqb.study.util.CookieUtil;

import lombok.extern.slf4j.Slf4j;

/**
 * 在进入每个页面之前校验,他是否已经登录了
 */
@Aspect
@Component
@DependsOn("springContextHolder")
@Slf4j
public class AuthorizeHandler implements Ordered {

//	@Pointcut("execution(public * com.imooc.controller.Seller*.*(..))"
//			+ "&& !execution(public * com.imooc.controller.SellerUserController.*(..))")
//	public void verify() {
//	}
	
	// 只管数据查询,不管页面资源
	@Pointcut("execution(public * com.yqb.study.modular.controller.data.*.*(..))"
			+ "&& !execution(public * com.yqb.study.modular.controller.data.AuthController.*(..))"
			+ "&& !execution(public * com.yqb.study.modular.controller.data.RestFulController.*(..))"	
			+ "&& !execution(public * com.yqb.study.modular.controller.data.MqController.*(..))"			
			+ "&& !execution(public * com.yqb.study.modular.controller.view.*.*(..))")
	public void verify() {
	}	

//	@Before("verify()")
//	public void doVerify() {
//		ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
//		// 获取request
//		HttpServletRequest request = attributes.getRequest();
//		// 获取response
//		HttpServletResponse response = attributes.getResponse();
//
//		// 1.查询cookie,取出token
//		String token = CookieUtil.getToken(request, ICookieKey.TOKEN_KEY);
//		if (StringUtils.isEmpty(token)) {
//			log.error("【登录校验AOP】request中没有带来token");
//			// 在统一异常处理中拦截,并跳转重新登录页面
//			throw new GlobalException(CodeMsgEnum.LOGIN_SESSION_LOST);			
//		}		
//
//		// 2.去redis里查询		
//		IRedisSession sessionRedis = new RedisSessionImpl(token);	
//		RedisSession sessionRedisVar = sessionRedis.getSessionRedis();
//		if (sessionRedisVar == null || sessionRedisVar.getUser() == null) {
//			log.error("【登录校验AOP】Redis中查不到session");
//			// 在统一异常处理中拦截,并跳转重新登录页面
//			throw new GlobalException(CodeMsgEnum.LOGIN_SESSION_LOST);
//		} else {
//			// 延长登录有效期
//			sessionRedis.addCookieSession(response, token, sessionRedisVar.getUser());
//		}
//	}
	
	@Before("verify()")
	public void doVerify() {
		ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
		// 获取request
		HttpServletRequest request = attributes.getRequest();
		// 获取response
		HttpServletResponse response = attributes.getResponse();

		// 1.查询cookie,取出token
		String token = CookieUtil.getToken(request, ICookieKey.TOKEN_KEY);
		if (StringUtils.isEmpty(token)) {
			log.error("【登录校验AOP】request中没有带来token");
			// 在统一异常处理中拦截,并跳转重新登录页面
			throw new GlobalException(CodeMsgEnum.LOGIN_SESSION_LOST);			
		}		

		// 2.去redis里查询		
		IRedisSession sessionRedis = RedisSessionContextHolder.getThreadRedisSession();	
		RedisSession sessionRedisVar = sessionRedis.getSessionRedis();
		if (sessionRedisVar == null || sessionRedisVar.getUser() == null) {
			log.error("【登录校验AOP】Redis中查不到session");
			// 在统一异常处理中拦截,并跳转重新登录页面
			throw new GlobalException(CodeMsgEnum.LOGIN_SESSION_LOST);
		} else {
			// 延长登录有效期
			sessionRedis.addCookieSession(response, token, sessionRedisVar.getUser());
		}
	}

	@Override
	public int getOrder() {
		return AopOrderEnum.AUTH_AOP.getNum();
	}	
}
